From e445569f5be5ee2cd4bb631ef882fc1093670543 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Thu, 09 Aug 2007 17:42:31 +0000
Subject: [PATCH] Implement support for an identity mapper that can use regular expressions to transform the provided ID string before searching for the appropriate matching user in the server.  This makes it possible, for example, to strip the realm portion of a Kerberos V principal to obtain just the username before searching for entries containing a uid attribute with that value.

---
 opends/resource/schema/02-config.ldif |   11 +++++++++++
 1 files changed, 11 insertions(+), 0 deletions(-)

diff --git a/opends/resource/schema/02-config.ldif b/opends/resource/schema/02-config.ldif
index 6ddc2de..87d0a8e 100644
--- a/opends/resource/schema/02-config.ldif
+++ b/opends/resource/schema/02-config.ldif
@@ -1561,6 +1561,12 @@
   NAME 'ds-cfg-plugin-order-subordinate-modify-dn'
   SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
   X-ORIGIN 'OpenDS Directory Server' )
+attributeTypes: ( 1.3.6.1.4.1.26027.1.1.469 NAME 'ds-cfg-match-pattern'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
+  X-ORIGIN 'OpenDS Directory Server' )
+attributeTypes: ( 1.3.6.1.4.1.26027.1.1.470 NAME 'ds-cfg-replace-pattern'
+  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE
+  X-ORIGIN 'OpenDS Directory Server' )
 objectClasses: ( 1.3.6.1.4.1.26027.1.2.1
   NAME 'ds-cfg-access-control-handler' SUP top STRUCTURAL
   MUST ( cn $ ds-cfg-acl-handler-class $ ds-cfg-acl-handler-enabled )
@@ -2190,4 +2196,9 @@
   MUST ds-task-disconnect-connection-id
   MAY ( ds-task-disconnect-message $ ds-task-disconnect-notify-client )
   X-ORIGIN 'OpenDS Directory Server' )
+objectClasses: ( 1.3.6.1.4.1.26027.1.2.121
+  NAME 'ds-cfg-regular-expression-identity-mapper' SUP ds-cfg-identity-mapper
+  STRUCTURAL MUST ( ds-cfg-match-attribute $ ds-cfg-match-pattern )
+  MAY ( ds-cfg-match-base-dn $ ds-cfg-replace-pattern )
+  X-ORIGIN 'OpenDS Directory Server' )
 

--
Gitblit v1.10.0